Infosec bits for 2024 week 16

Maajied Moos | April 22, 2024, 8:51 a.m.

Cybersecurity News:

Strategies to cultivate collaboration between NetOps and SecOps [Mirko Zorz, Help Net Security]

How to protect IP surveillance cameras from Wi-Fi jamming [Carsten Rhod Gregersen, Help Net Security]

Vulnerabilities & Patches:

Palo Alto Networks zero-day exploited since March to backdoor firewalls [Lawrence Abrams, Bleeping Computer]

Telegram fixes Windows app zero-day used to launch Python scripts [Lawrence Abrams, Bleeping Computer]

Delinea Secret Server customers should apply latest patches [Connor Jones, The Register]

Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack [Newsroom, The Hacker News]

Cisco discloses root escalation flaw with public exploit code [Sergiu Gatlan, Bleeping Computer]

Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities [Ionut Arghire, Security Week]

Breaches & Attacks:

ROKU DISCLOSED A NEW SECURITY BREACH IMPACTING 576,000 ACCOUNTS [Pierluigi Paganini, Security Affairs]

Ransomware gang starts leaking alleged stolen Change Healthcare data [Lawrence Abrams, Bleeping Computer]

Cisco Duo's Multifactor Authentication Service Breached [Becky Bracken, Dark Reading]

Malware

XZ backdoor story – Initial analysis [Global Research & Analysis Team, Kaspersky Lab, Secure List]

Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker [Newsroom, The Hacker News]

UKRAINIAN BLACKJACK GROUP USED ICS MALWARE FUXNET AGAINST RUSSIAN TARGETS [Pierluigi Paganini, Security Affairs]

Researchers stop ‘credible takeover attempt’ similar to XZ Utils backdoor incident [Jonathan Greig, The Record]